The Simulacrum: Stage 4 #112
3 changed files with 15 additions and 20 deletions
|
@ -1,16 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 NO562A YndVtONpmfFXYB1ASnPHsfczl1UbgZ2vccIrX2pEgx0
|
|
||||||
VzH2UD583L6wBLMCo6faIGyHR4+zXXOUTgQduEiFOxI
|
|
||||||
-> ssh-ed25519 5/zT0w +67r5S6PSFEgnrTu3eZpOd3eemZUdDOE+kjUw6GDgUM
|
|
||||||
jPzlW7hePFgsABUjryePu5yergQ2Qjczmmoxuo6CK+U
|
|
||||||
-> ssh-ed25519 TCgorQ DGJPjJYpeibxM+8OwofUCdttIT2OdNbvQ66wpWQM8XU
|
|
||||||
JCNQ3bT21j2ZsxbzA6FieKIui6lsvk1p0nvNOT7YtFo
|
|
||||||
-> ssh-ed25519 d3WGuA hIl5yluwf1f0DP5ZW1MalGPCj4XFYOu2sofwJSQZ6RE
|
|
||||||
BSHoe4cdRJlPrkc+taUIaIIUknexlGttzz2d9I3jtmk
|
|
||||||
-> ssh-ed25519 YIaSKQ EbqXS/XFQHSXCbzDJmg4gGUxP9TX3+vOxWtNQDJ8ih4
|
|
||||||
hNaWzoFG2iVef4Gm30LilGXYNsVkhmVt9dOvBo02mbM
|
|
||||||
-> V]i@xRtJ-grease
|
|
||||||
NEPxMUZa76GclWOasWptt6QS7frMclp9o+kD4KCLJB7ucFOYK7xxWfAEMkjtadfP
|
|
||||||
m0bbgbw7Jcs9/lA8VNAG2D5jTBayGgpkBQZ4
|
|
||||||
--- ViqZD8mJEKIMCZ5Q+wRQWR2FX/LMEfUwoumUtHlYabQ
|
|
||||||
KAÉû¹ÝgZü<šë*DfV6·=äG»+eœ`ºpª±ï÷6°<1E>º[Û‘Û û¸¢ºÐý-H1<1B>»Ã›Íí[fV.¾¢HÁ"OhÐñŒ½j•ùö8ïßß$‰;Û‘&5<>äxw§/mŒë<C592>Ö‘ß^7î‘f5ÔµyÏŽÓûC‚´6”¹U•æýi-R=/_R<5F><52>„·==æà½1˜'Ò qÞ·ŒvÜcwø
|
|
|
@ -43,9 +43,6 @@ in {
|
||||||
links.localAuthoritativeDNS = {};
|
links.localAuthoritativeDNS = {};
|
||||||
|
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
acmeDnsDbCredentials = {
|
|
||||||
file = ./acme-dns-db-credentials.age;
|
|
||||||
};
|
|
||||||
acmeDnsDirectKey = {
|
acmeDnsDirectKey = {
|
||||||
file = ./acme-dns-direct-key.age;
|
file = ./acme-dns-direct-key.age;
|
||||||
};
|
};
|
||||||
|
@ -78,8 +75,12 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.locksmith.waitForSecrets.acme-dns = [
|
||||||
|
"patroni-acmedns"
|
||||||
|
];
|
||||||
|
|
||||||
systemd.services.acme-dns.serviceConfig.EnvironmentFile = with config.age.secrets; [
|
systemd.services.acme-dns.serviceConfig.EnvironmentFile = with config.age.secrets; [
|
||||||
acmeDnsDbCredentials.path
|
"/run/locksmith/patroni-acmedns"
|
||||||
acmeDnsDirectKey.path
|
acmeDnsDirectKey.path
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -58,6 +58,16 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patroni = {
|
||||||
|
databases.acmedns = {};
|
||||||
|
users.acmedns = {
|
||||||
|
locksmith = {
|
||||||
|
nodes = config.services.dns.nodes.authoritative;
|
||||||
|
format = "envFile";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
dns.records = {
|
dns.records = {
|
||||||
securedns.consulService = "securedns";
|
securedns.consulService = "securedns";
|
||||||
"acme-dns-challenge.internal".consulService = "acme-dns";
|
"acme-dns-challenge.internal".consulService = "acme-dns";
|
||||||
|
|
Loading…
Reference in a new issue